<?php
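// Refuse direct requests: this file only runs when the including script has
// defined both IN_SYSTEM and ADMIN_PRE.
if (!defined('IN_SYSTEM') || !defined('ADMIN_PRE')) {
	exit('Access Denied!');
}

// Action name taken from the request. It is lower-cased because PHP resolves
// method names case-insensitively while the array key "adv$f" used for the
// permission lookup below is case-sensitive; without normalising, a differently
// cased name would reach the same method but miss the lookup.
// Non-string values (e.g. f[]=x) fall back to the default action.
$f = (isset($_REQUEST['f']) && is_string($_REQUEST['f'])) ? strtolower($_REQUEST['f']) : 'index';

// Only the four actions AdvModule defines may be dispatched. Anything else is
// rejected here instead of being handed to $m->$f() as an arbitrary method name.
if (!in_array($f, array('index', 'add', 'delete', 'edit'), true)) {
	msg(l('Parameter Error','adv'));
	exit;
}

// Permission gate. It is only enforced when the user group defines an access
// entry for this action; actions without an entry pass through (fail-open).
// index() and add() contain no ican() check of their own, so this lookup is
// the only gate visible in this file for those two actions.
if (isset($_G['usergroup']['access']["adv$f"]) && !ican("adv$f")) {
	msg('没有权限');
	// msg() presumably ends the request (confirm); the explicit exit keeps the
	// denial effective even if it returns.
	exit;
}

$m = new AdvModule;
$m->$f();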
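/**
 * Admin actions for advertisements stored in the `adv` table.
 *
 * Each public method is an action invoked by name through `$m->$f()` at the top
 * of this file. Validation throughout relies on msg() ending the request after
 * it reports an error (assumed from how it is used here; confirm against its
 * definition).
 */
class AdvModule
{
	/**
	 * Escape a value for use inside a double-quoted HTML attribute or as element text.
	 *
	 * The replacement is byte-wise on the five ASCII markup characters, so it does
	 * not depend on the page charset and never blanks out non-UTF-8 input.
	 * NOTE(review): if getGP() already entity-encodes its input this will
	 * double-encode; confirm against getGP().
	 *
	 * @param mixed $value Value from the request; non-scalars become an empty string.
	 * @return string
	 */
	private static function escapeAttr($value) {
		if(!is_scalar($value)) return '';
		return strtr((string)$value, array(
			'&' => '&amp;',
			'"' => '&quot;',
			"'" => '&#039;',
			'<' => '&lt;',
			'>' => '&gt;',
		));
	}

	/**
	 * Reduce a request value to a de-duplicated list of positive integer ids.
	 *
	 * Entries that are not made of digits only are dropped rather than cast, so
	 * a malformed entry never selects a row.
	 *
	 * @param mixed $values Expected to be an array of ids from the request.
	 * @return array List of ints greater than zero.
	 */
	private static function positiveIds($values) {
		$clean = array();
		if(!is_array($values)) return $clean;
		foreach($values as $value) {
			if(!is_scalar($value) || !preg_match('/^[0-9]+\z/', (string)$value)) continue;
			$value = (int)$value;
			if($value > 0) $clean[$value] = $value;
		}
		return array_values($clean);
	}

	/**
	 * Read $values[$key] as an integer, or 0 when it is missing or not scalar.
	 *
	 * @param mixed $values
	 * @param mixed $key
	 * @return int
	 */
	private static function intAt($values, $key) {
		return (is_array($values) && isset($values[$key]) && is_scalar($values[$key])) ? (int)$values[$key] : 0;
	}

	/**
	 * List advertisements, ten per page, and render the adv/index admin template.
	 *
	 * The template is included in this method's scope and therefore sees
	 * $datas (the rows) and $page (the pager() result).
	 */
	public function index() {
		global $_G;
		// The queries interpolate $where and $order but nothing in this method sets
		// them. Defining them as empty strings leaves the SQL unchanged and avoids
		// undefined-variable notices.
		$where = '';
		$order = '';
		// Always hand the template an array, even when the table has no rows.
		$datas = array();
		$query=$_G['db']->page_query("SELECT * FROM".table('adv')."WHERE 1 $where $order",10);
		while($rs=$_G['db']->fetch_array($query)){
			// NOTE(review): unserialize() instantiates any object present in the
			// stored string. The column is written by add() via my_serialize(), but
			// anything else able to write to it becomes an object-injection path.
			// On PHP 7+ pass array('allowed_classes' => false) as second argument,
			// or store the value as JSON.
			$rs['content'] = unserialize( $rs['content'] );
			$datas[]=$rs;
		}
		$num=$_G['db']->result("SELECT count(id) FROM".table('adv')."WHERE 1 $where ");
		$page=pager($num,10);
		include admintemplate('adv/index');
	}

	/**
	 * Create an advertisement, or update the one named by the `id` request value,
	 * then render the adv/add form template.
	 *
	 * On a submitted form (check_submit("advsubmit")) the posted `adv` array is
	 * validated, an optional upload is stored, the display HTML is generated into
	 * the `code` column and the type-specific fields are serialized into `content`.
	 *
	 * NOTE(review): unlike delete() and edit(), this method has no ican() check of
	 * its own; it depends on the permission lookup done before dispatch.
	 */
	public function add(){
		global $_G;
		$id=getGP('id','','int');
		if(check_submit("advsubmit")) {
			$post=getGP('adv','p','array');
			if(!is_array($post)) $post = array();
			$type=check_str(isset($post['type']) ? $post['type'] : '');
			$data=array(
				// NOTE(review): inuse and displayorder are cast to int on the
				// assumption that both are integer columns; confirm against the schema.
				'inuse' => self::intAt($post, 'inuse'),
				'title' => check_str(isset($post['title']) ? $post['title'] : ''),
				'endtime' => gtime(isset($post['endtime']) ? $post['endtime'] : null),
				'starttime' => gtime(isset($post['starttime']) ? $post['starttime'] : null),
				'displayorder' => self::intAt($post, 'displayorder'),
			);

			if( !$data['title'] ) msg(l('please input title','adv'));
			if( !$type ) msg(l('please select show type','adv'));
			if( $data['endtime'] && ( $data['endtime'] <= TIMESTAMP || $data['endtime'] <= $data['starttime'] )) msg(l('please select correct time','adv'));

			// $type selects which sub-array of the post is stored and which upload
			// field is read, so it must be one of the four supported kinds and its
			// sub-array must really be an array.
			$type = (string)$type;
			if( !in_array($type, array('code','text','image','flash'), true) || !isset($post[$type]) || !is_array($post[$type]) ) {
				msg(l('adv parameter invalid', 'adv'));
			}
			$fields = $post[$type];
			// Name of both the file input and the posted-URL field for image/flash ads.
			$field = 'adv'.$type;

			// Required fields per type (same conditions as before, without notices).
			$missing = false;
			switch($type) {
				case 'code':
					$missing = empty($fields['html']);
					break;
				case 'text':
					$missing = empty($fields['title']) || empty($fields['link']);
					break;
				case 'image':
					$missing = (empty($_FILES['advimage']) && !getGP('advimage','p')) || empty($fields['link']);
					break;
				case 'flash':
					$missing = (empty($_FILES['advflash']) && !getGP('advflash','p')) || empty($fields['width']) || empty($fields['height']);
					break;
			}
			if($missing) msg(l('adv parameter invalid', 'adv'));

			$data['content'] = $fields;
			$data['content']['type'] = $type ;

			if($type == 'image' || $type == 'flash') {
				$url = '';
				if(!empty($_FILES[$field])) {
					include libfile('upload.php');
					// Accept only the extensions that make sense for the chosen type,
					// so an image ad cannot be used to store a .swf and vice versa.
					// The extension check itself happens inside the upload class,
					// which is not part of this file.
					$extensions = ($type == 'flash') ? 'swf' : 'jpg|png|jpeg|bmp';
					$upload = new upload($extensions, $_G['settings']['upload']['file_size'], $field);
					$upload->set_dir(BASE_ROOT.DATA_DIR.'adv/');
					$files = $upload->execute_single();
					if($files['status'] == 1){
						$url = BASE_URL.$files['path'].$files['name'];
					}
				}
				if($url === '') {
					// No file was stored (none sent, or the upload was rejected):
					// fall back to a URL posted under the same field name.
					$posted = getGP($field,'p');
					$url = is_string($posted) ? $posted : '';
				}
				// Refuse to save an image/flash ad that has no source URL at all.
				if($url === '') msg(l('adv parameter invalid', 'adv'));
				$data['content']['url'] = $url;
			}

			// Build the HTML that is stored in `code`. Every request value placed
			// into generated markup is escaped so a quote or angle bracket cannot
			// break out of its attribute.
			// NOTE(review): URL schemes of link/src values are not validated here.
			switch($type) {
				case 'code':
					// Raw HTML by design: whoever may use this action can publish
					// arbitrary markup and script wherever the ad is rendered.
					$data['code'] = $fields['html'];
					break;
				case 'text':
					$data['code'] = '<a href="'.self::escapeAttr($fields['link']).'" target="_blank">'.self::escapeAttr($fields['title']).'</a>';
					break;
				case 'image':
					$attrs = '';
					foreach(array('height','width','alt') as $name) {
						if(!empty($fields[$name])) $attrs .= ' '.$name.'="'.self::escapeAttr($fields[$name]).'"';
					}
					$data['code'] = '<a href="'.self::escapeAttr($fields['link']).'" target="_blank"><img src="'.self::escapeAttr($data['content']['url']).'"'.$attrs.' border="0"></a>';
					break;
				case 'flash':
					$data['code'] = '<embed width="'.self::escapeAttr($fields['width']).'" height="'.self::escapeAttr($fields['height']).'" src="'.self::escapeAttr($data['content']['url']).'" type="application/x-shockwave-flash" wmode="transparent"></embed>';
					break;
			}
			// `content` keeps the values as posted (unescaped); whatever template
			// prints them back into the form has to escape them itself.
			$data['content'] = my_serialize( $data['content'] );
			if( $id ) {
				$_G['db']->update('adv',$data,array('id'=>$id));
			} else {
				$_G['db']->insert('adv',$data);
			}
			msg(l('Operation Succes','adv'),url('admin.php?m=adv&f=index'));
		}
		if($id){
			$adv=$_G['db']->fetch('adv','*',array('id'=>$id));
			// Only decode when a row came back; see the unserialize() note in index().
			if(is_array($adv) && isset($adv['content'])) {
				$adv['content'] = unserialize( $adv['content'] );
			}
		}
		include admintemplate('adv/add');
	}

	/**
	 * Delete one advertisement (id from the query string) and/or several
	 * (id[] from the POST body). Requires the `advdelete` permission.
	 *
	 * NOTE(review): no check_submit() guard is visible here and a single id is
	 * accepted from the query string, so this state change can be triggered by a
	 * plain GET; confirm whether a request token is enforced elsewhere.
	 */
	public function delete(){
		global $_G;
		if( !ican('advdelete') )msg(l('No Permission','adv'));
		$id=getGP('id','G','int');
		// The posted ids end up inside a hand-built "id IN(...)" clause, so they
		// are reduced to positive integers before being joined into SQL.
		$ids=self::positiveIds(getGP('id','P','array'));

		if($id<1  && empty($ids))msg(l('Parameter Error','adv'));

		if( $id > 0 )$_G['db']->delete('adv',array('id'=>$id));
		if( !empty($ids) )$_G['db']->delete('adv','id IN('.implode(',',$ids).')');
		msg(l('Operation Succes','adv'));
	}

	/**
	 * Bulk-update the `inuse` flag and `displayorder` of the posted advertisement
	 * ids. Requires the `advedit` permission.
	 *
	 * `inuse` and `displayorder` are posted as arrays keyed by advertisement id;
	 * a missing entry is written as 0.
	 */
	public function edit(){
		global $_G;
		if( !ican('advedit') )msg(l('No Permission','adv'));
		$ids=self::positiveIds(getGP('id','P','array'));
		$inuse=getGP('inuse','P','array');
		$displayorder=getGP('displayorder','P','array');

		if(empty($ids))msg(l('Parameter Error','adv'));

		foreach($ids as $id) {
			// NOTE(review): cast to int on the assumption that both are integer
			// columns; confirm against the schema.
			$data = array(
				'inuse' => self::intAt($inuse, $id),
				'displayorder' => self::intAt($displayorder, $id),
			);
			$_G['db']->update('adv',$data,array('id'=>$id));
		}
		msg(l('Operation Succes','adv'));
	}
}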